1.   January 17, 2019  
    Vailtonik's Avatar
    Vailtonik
    Member

    Compromised Accounts - Cannot update password

    Hi,

    So it's that time of the year where I bulk search to see if I've had any data-breaches etc, that'll prompt me to update my credentials.

    I came across this:

    Warmane
    In approximately December 2016, the online service for World of Warcraft private servers Warmane suffered a data breach. The incident exposed over 1.1M accounts including usernames, email addresses, dates of birth and salted MD5 password hashes. The data was subsequently extensively circulated online and was later provided to HIBP by whitehat security researcher and data analyst Adam Davies.

    Breach date: 1 December 2016
    Date added to HIBP: 8 September 2018
    Compromised accounts: 1,116,256
    Compromised data: Dates of birth, Email addresses, Passwords, Usernames
    https://haveibeenpwned.com/PwnedWebsites#Warmane

    To my surprise, it looks like my account email address PII and credentials were exposed on said list, I've not bothered to obtain a copy of the data to see how bad it was, but the fat some PII information got out is pretty bad.

    I don't ever remember getting an email from yourselves notifying me of this data breach? and with the amount of accounts above that have been exposed, I'd like to think you'd want to reach out to these users, most of which may or may not have enabled 2 factor authentication so their accounts are almost as good as gone depending on the password hashing used.

    Furthermore, I've tried to reset my password numerous times, but all the website spews out is: "Invalid new password, please try again"

    What are the accepted / acceptable characters for a password? it's only after numerous trial and errors has it turned around and said 16 characters or lower now i'm using 12 with 1 special character, numbers upper and lower case but i'm getting the same error.
    Quote Quote
  2.   January 17, 2019  
    Anyone0's Avatar
    Anyone0
    Forum Veteran
    Originally Posted by Vailtonik
    What are the accepted / acceptable characters for a password? it's only after numerous trial and errors has it turned around and said 16 characters or lower now i'm using 12 with 1 special character, numbers upper and lower case but i'm getting the same error.
    WoW client ignores upper/lower case and password field is limited to 16 characters. That's why those limitations exist. As far as I know, special characters also aren't allowed in passwords anymore. So it's just letters and numbers.
    Quote Quote
« Previous Topic | Next Topic »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules